Filtered by vendor Jetbrains Subscriptions
Filtered by product Intellij Idea Subscriptions
Total 51 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-29263 1 Jetbrains 1 Intellij Idea 2024-08-03 7.8 High
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS.
CVE-2021-25756 1 Jetbrains 1 Intellij Idea 2024-08-03 5.3 Medium
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVE-2021-25758 1 Jetbrains 1 Intellij Idea 2024-08-03 7.8 High
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
CVE-2022-48433 1 Jetbrains 1 Intellij Idea 2024-08-03 6.1 Medium
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.
CVE-2022-48430 1 Jetbrains 1 Intellij Idea 2024-08-03 5.5 Medium
In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.
CVE-2022-48432 1 Jetbrains 1 Intellij Idea 2024-08-03 5.2 Medium
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.
CVE-2022-48431 1 Jetbrains 1 Intellij Idea 2024-08-03 4.5 Medium
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation.
CVE-2022-47896 1 Jetbrains 1 Intellij Idea 2024-08-03 5 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.
CVE-2022-47895 1 Jetbrains 1 Intellij Idea 2024-08-03 4.7 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
CVE-2022-46828 2 Apple, Jetbrains 2 Macos, Intellij Idea 2024-08-03 5.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46825 1 Jetbrains 1 Intellij Idea 2024-08-03 4 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
CVE-2022-46827 1 Jetbrains 1 Intellij Idea 2024-08-03 3.9 Low
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
CVE-2022-46826 1 Jetbrains 1 Intellij Idea 2024-08-03 6.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
CVE-2022-46824 2 Apple, Jetbrains 2 Macos, Intellij Idea 2024-08-03 5.6 Medium
In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.
CVE-2022-40978 1 Jetbrains 1 Intellij Idea 2024-08-03 7.5 High
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking
CVE-2022-37010 1 Jetbrains 1 Intellij Idea 2024-08-03 3.6 Low
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed
CVE-2022-37009 1 Jetbrains 1 Intellij Idea 2024-08-03 3.9 Low
In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible
CVE-2022-29814 1 Jetbrains 1 Intellij Idea 2024-08-03 6.9 Medium
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
CVE-2022-29819 1 Jetbrains 1 Intellij Idea 2024-08-03 6.9 Medium
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible
CVE-2022-29817 1 Jetbrains 1 Intellij Idea 2024-08-03 3.9 Low
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible